• Identity Management
    • User Management
    • Delegation
    • Self Service
    • Out of Office Assistant
    • Password Reset
    • Phone book
  • Authorization
    • Access Management
    • Approval Workflow
    • Role-based access
    • Single sign-on (SSO)
    • Automation
  • Systems
    • Active Directory
    • Entra ID – M365
    • HR systems
    • PowerShell
  • Solutions
    • Why IDM-Portal
    • Compliance
    • Editions & prices
    • Further solutions
  • References
    • Our customers
    • Our projects
    • Partnership
    • Press
  • Company
    • About us
    • News
  • Contact
  • English
    • German
FirstWare IDM-PortalFirstWare IDM-Portal
FirstWare IDM-PortalFirstWare IDM-Portal
User Driven
Identity Management
  • Identity Management
    • User Management
    • Delegation
    • Self Service
    • Out of Office Assistant
    • Password Reset
    • Phone book
  • Authorization
    • Access Management
    • Approval Workflow
    • Role-based access
    • Single sign-on (SSO)
    • Automation
  • Systems
    • Active Directory
    • Entra ID – M365
    • HR systems
    • PowerShell
  • Solutions
    • Why IDM-Portal
    • Compliance
    • Editions & prices
    • Further solutions
  • References
    • Our customers
    • Our projects
    • Partnership
    • Press
  • Company
    • About us
    • News
  • Contact
  • English
    • German
Gruppen-berechtigungen

Access Management

Determine who can do what

Secure authorization management in Active Directory and in the cloud:

Manage hybrid IT landscapes with dynamic group management in IDM-Portal.

Group management

Role-based delegation

Approvals

The user perspective

Employees expect that everything is running smoothly at work.

 

Access Mangement with IDM-Portal

Authorization management ensures that they have access to relevant

drives

data

distribution lists

without waiting times and error messages.

What happens technically behind the scenes doesn’t interest them:

User friendly Identity & Access Management

The solution

Create groups and assign memberships

Authorization management in IDM-Portal is easy and well-organized.
Groups and group members are added or removed via ‘drag & drop’ .

It is simple and straightforward so that non-IT department heads or HR staff can do the job.

Group memberships of a user - Authorization management with IDM-Portal

They assign memberships directly within a user’s profile or use the section ‘Groups’ to create new groups and add members.

For the administrator, this means a massive reduction in workload,
for the end user best working conditions.

 

Practical applications – Three examples

Permission groups

Create authorization groups
in IDM-Portal and assign members.

Email distribution lists

Create email distribution lists
for sending email messages.

Department groups

Specify department groups and
add relevant employees.

Active Directory and Cloud – Connect both worlds

Are you one of those companies that are opening up towards the cloud?
Then you are probably wondering how access management works in AD and in Entra ID.
The quick answer: IDM-Portal handles both tasks.

What happens when you make changes in Active Directory through IDM-Portal?

IDM-Portal works with your Active Directory. As a result, all changes are made directly to the AD.
This applies to group memberships as well as all other properties (department, phone number and other data).
In a hybrid environment, we turn on a powerful synchronization of the data with Entra ID.
This way, both directories are at the same up-to-date status.

Main features – Access management

Edit group memberships directly in the user profile

Permissions can be set up directly in the user’s profile.

Conveniently view all Active Directory groups or search for the relevant groups.

Simply select the required groups.

By using ‘drag & drop’ the groups can be easily moved over to the user’s profile.

Access management from a group perspective

Get all your Active Directory and Entra ID group and permissions management done in IDM-Portal.

In the menu tab ‘Groups’ you manage groups and group members. Alternatively, you delegate the editing to the owner of the group.

Select those employees who you want to add as members of the group. You can also remove users by using the ‘drag and drop’ function.

Access rights assigned by helpdesk and manager

Usually, head of departments or help desk team members are not able to grant permissions for their own resources. Use IDM-Portal to delegate the access rights management to the owner.

The following tasks can be delegated, depending on the role of the user:

  • Create new mail or permission groups
  • Add or delete new members
  • Trigger workflows that lead to approvals

Windows does not offer a user-friendly front end tool for normal users to manage department groups. With IDM-Portal, group and user management tasks do not need to be exclusively in the hands of IT admins anymore.

Access management - Groups, delegation, roles - IDM-Portal

Access management - Approval workflow with IDM-Portal

Integration of approval workflows

Configure which groups and data changes require approval in IDM-Portal. Define which persons must agree to the application process.

The approval-based workflow includes clearly defined steps:

  • Applicants save changes in the IDM portal
  • Approvers are automatically informed
  • Decision is made via approval web interface

Key decision makers drive the process.

Key users are involved and fully informed.

IDM-Portal Hybrid IAM Lösung

Secure Access Management

As optimized as you want.

As smart as you need.

  • Automated permissions
  • Easy group editing via ‘drag & drop’
  • User view and group view
  • Delegation with role-based scope

The advantages

Simple assignment of permissions

All access rights from day 1

Automated authorizations

Kaffee-Entlastung

Noticeable relief
for IT

Rollen Ampel

Role-based delegation

Time and cost savings

Automate with concept – without manual group administration

If your main goal is to save time and assign permissions effectively and fast you should solve access management tasks conceptionally.

What are the criteria for the permissions?

IDM-Portal speaks PowerShell and offers multilayered possibilities for automation.

At best you will not need AD group management anymore.

 

IAM expert

Tip from the expert

The best way to implement an authorization concept is to approach the subject from two sides.
We are happy to explain why. Standard cases can already be easily handled
via IDM-Portal’s user management.

Also, actively involve your resource owners by letting them manage the groups themselves
or trigger approval workflows.

Contact

You reach us at

+49 81 969 984 330

or via our

Contact Info

  • FirstAttribute AG
  • Am Büchele 18, 86928 Hofstetten, Germany
  • +49 8196 998 4330
  • firstattribute.com

Topics

  • Terms of Use & EULA
  • Legal Information
  • Privacy Policy
  • Contact

Latest News

  • AD and authorization audit: Control, compliance and clarity with IDM-Portal
  • Management of authorization groups by department heads
  • Manage M365 groups: This makes it especially easy
  • Migration to Microsoft Graph API: Optimizing MFA management and security with PowerShell SDK
  • Passkeys: The Future of Authentication
  • Our IAM guide to preparing for an identity and access management project

© 2025 · FirstAttribute AG.